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(54) Encryption system with transaction coded decryption key 



(57) The encryption secured computer system (10) 
includes a server (12) that communicates with clients 
(14-20) across a public network (21) using a novel 
transaction coded decryption key technology that dis- 
courages wrongful redistribution of protected informa- 
tion such as digital musical scores, and allows for 
tracking of infringing activity. In one implementation, the 
server (12) distributes access software and partially 
encrypted musical scores to clients upon request. A cli- 
ent can sample the partially encrypted scores prior to 



consummating a transaction. When a score is selected, 
the client enters payment information and is assigned a 
password that is specific to the client and transaction. 
The password functions as a decryption key to enable 
use of the musical score by the client employing the 
access software. Any subsequent wrongful redistribu- 
tion of the musical score together with the decryption 
password can be traced due to client identifying infor- 
mation encoded into the password. 
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Desciipti n 

Reld of the Invention 

The present invention relates generally to monitor- 
ing the distritxition of information that is accessit>le 
through a public network and, in particular, to a method 
and system for using key-based encryption to inhibit 
and track unauthorized distribution by a key holder. The 
- invention has particular application with regard to the 
^ commercial distribution of copyrighted works or other 
V proprietary subject matter over a public network. 

Background of the Invention 

The advent of widely available public computer net- 
works, and particularly public networks capable of sup- 
porting multimedia functions such as the Internet, 
presents a great opportunity for consumers and content 
providers such as music publishers. Such networks 
afford content providers increased access to an ever 
growing market. Consumers benefit from improved 
access to information and greater convenience. Moreo- 
ver, in some cases, the digital nature of the information 
received over a network is preferable to nrare conven- 
tional modes such as printed media. For example, dig- 
ital sheet music can be printed to r^licate its printed 
media counterpart. Additionally, the digital sheet music 
can be directly processed by aucfio and video playliack 
programs, as well as by a variety of digital muacal 
instruments and equipment such as Musical Instrument 
Digital Interface (MIDI) devices. 

Despite this potential, content providers have been 

*t reluctant to embrace this market in many cases. One 
reason for this reluctance has been a perceived threat 
that access to proprietary subject matter such as copy- 

. righted music over a public network will erode owner- 
ship interests in and revenues from such subject matter. 
The concern is that unscrupulous persons will wrong- 
fully access such subject matter or that authorized 
users, having rightfully accessed the subject matter, will 
thereafter distribute the subject matter in contravention 
of the content providers' rights. Although such possibili- 
ties exist in connection with other modes of distribution, 
public network distribution is thought by some to 
present peculiar dangers due to the ease with which 
widespread distribution can be accomplished, e.g., via 
bulletin boards and the like. 

Indeed, conventional computer security systems 
developed to control access to restricted access data 
are not well-suited to address these concerre of content 
providers. For example, access password systems are 
somewvhat effective in limiting access to designated 
information, but do not afford protection once the infor- 
mation is transmitted from the server system to a public 
network. Encryption systems have been devised to pre- 
vent use of information that is wrongfully intercepted as 
a result of transmission over a network. In this regard, in 



key-based encryption systems, authorized clients are 
provided with a decryption key. The protected informa- 
tion is then transmitted in encrypted form to prevent i^e 
by any intercepting party. The authorized client receives 
5 the encrypted informatbn and uses the decryption key 
to decrypt the information. Unfortunately, such enayp- 
tion systems generally do not provide adequate safe- 
guards to discourage the authorized clients from 
subsequently redistributing the protected information. 

10 

Summarv of the Invention 

The present invention is directed to a method and 
system for controlling access to protected information 

75 from a server, as well as discouraging and tracking sub- 
sequent redistribution of such information after it has 
been transmitted from the server. The invention facili- 
tates commercial distribution of proprietary subject mat- 
ter through public or open networks by providing 

20 improved protection of proprietary rights and increasing 
the likelihood that infringing activity will be corrected. 
Moreover, the invention provides increased marketing 
flexibility by allowing for limited, multiple-use authoriza- 
tion and pre-purchase sampling of copyrighted works or 

25 Other confidential subject matter The invention also 
provides a novel, encryption on-demand capability 
which, it is believed, has not been feasible in connection 
with physical storage media such as CD-ROM £ind mag- 
netic storage media. 

30 According to one aspect of the present invention, a 
method and corresponding system is provided for mon- 
itoring distritxition of information accessible over a pub- 
lic network on a client-specific basis. The mettiod 
includes the steps of: estak^lishing a database of infor- 

35 mation at a server; encrypting at least a portion of the 
information using a key-based encryption system; in 
connection with a request by a client, assigning a client- 
specific key to the client; and transntrtting the key to the 
client. The client-specrfic key includes some indicia that 

40 can be used to identify the client, thereby allowing for 
monitoring of information use on a client-specific basis. 

TTie database can include various types of informa- 
tion, for example, digital sheet music, literary or artistic 
works, software programs, or other subject matter trans- 

45 mittable in digital form. Any identifying information can 
be coded into the key for client Identification. Examples 
include: personal or financial data provided by the cli- 
ent; address information for the clients' computer or web 
site; account numbers or serial numljers; other informa- 

50 tion for identifying the computer used by tiie client; and 
alDbreviated or encoded versions of any of the at>ove. 
Conveniently, such information can be stored in a sepa- 
rate client database and indexed to the key. Preferably, 
the deayption system requires entry of the key each 

55 time the protected information is used (Le^. the system 
does not store the information in decrypted form) and 
appends the client Identifying infornnation to any redis- 
tributed digital or hard copies of the information. In this 
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manner, the client is discoufBged from redistributing the 
protected information because the key is required to 
use the information in its original digital form, arxJ distri- 
bution of the key or an identified hard copy may involve 
disclosure of sensitive information or othenwise create a 
traceable record of the client's infringing activity. 

According to another aspect of the present inven- 
tion, a method and corresponding system is provided 
for enabling transaction-specific access authorization 
with respect to protected information. The method 
involves the use of a key-based encryption system, 
such as generally discussed above, where decryption 
keys are assigned on a transaction-by-transaction 
basis. That is, decryption keys are assigned on demand 
in connection with a transaction involving communica- 
tion of the protected information from the server to a cli- 
ent. For example, the transaction may involve the 
purchase of a copy of sheet music, a digita! musical 
score or other protected information, or it may involve 
paying a license fee to use such information a desig- 
nated number of times, for a designated duration, or 
during a designated license term. The key can include 
information sufficient to identify the subject information 
and/or the client. The invention thereby allows for trans- 
action-specific authorization and increased market- 
ing/distribution possibilities. 

According to a further aspect of the present inven- 
tion, partially encrypted information is transmitted prior 
to providing a decryption key so as to allow for sampling 
of the information before a transaction is consummated. 
In particular, the associated method irwolves establish- 
ing a database of information at a network server, 
encrypting a portion of the information and receiving an 
access request. Upon receiving an access request, a 
selected portion of the information is transmitted in par- 
tially encrypted form and, thereafter, a decryption key is 
transmitted to the client. By way of example, the partially 
encrypted information can be sheet music where only 
the first page of a score is unencrypted tor viewing. The 
client can thereby browse through a selection of scores 
prior to making a purchasing decision, authorizing pay- 
ment and. in response, receiving a decryption key. 

According to a still further aspect of the present 
invention, a method and corresponding system is pro- 
vided for enabling post-transmission monitoring of infor- 
mation use by a client. The method includes the steps 
of: receiving encrypted information and storing the infor- 
mation in memory in its encrypted form; receiving a 
decryption key and storing the key in memory separate 
from the encrypted information, for example, in a cache; 
identifying a request by a client to access the informa- 
tion; in response to the request, retrieving the encrypted 
information and key from memory and, thereafter, 
decrypting the information; and outputting the informa- 
tion for use by the client. The method can be inple- 
mented, for example, by playback/display software 
running on a client computer. The software can be pro- 
grammed for limiting access to the protected informa- 



tion according to transaction parameters e.g.. limiting 
access to the scope of a license purchased by the cli- 
ent. The access request can be an "open file." "display," 
or "print" message or the like. 

5 In a preferred implementation, the protected Infor- 

mation is never saved in its decrypted form but. rather, 
is only decrypted on a just-in-time basis when the corre- 
sponding file(s) is opened for use. Accordingly, redistri- 
bution of the information in its decrypted form is 

10 discouraged or practically prevented. Moreover, in order 
to permit third-party use of the information, redistribu- 
tion of the information in its encrypted form will also 
require distribution of the decryption key. which may be 
an unattractive option for the client. 

75 The present invention thus allows for monitoring 
access to protected information on a server and subse- 
quent use or redistribution by a client. Addrtionally, the 
invention allows for tracking of any unauthorized redis- 
tribution and thus facilitates enforcement of server 

20 rights. The invention also provides for increased mar- 
keting/distribution options and novel on-demand 
decryption key coding. By virtue of these and other 
advantages, the invention promotes distribution of pro- 
prietary subject matter over public networks to the 

25 mutual benef it of consumers and content providers. 

Brief Description of the Drawings 

For a more complete understanding of the present 
30 invention and further advantages thereof, reference is 
now made to the following detailed description, taken in 
conjunction with the drawings, in which: 

Rg. 1 is a schematic diagram of a computer system 
35 In accordance with the present invention; 

Fig. 2 is a chart providing a functional overview of 
the distribution monitoring system of the present 
invention; 

Fig. 3 is a diagram of the Music Viewer download 
40 function of the system of Fig. 2; 

Rg. 4 is a diagram of the music download function 
of the system of Fig. 2; 

Fig. 5 is a diagram of the on-line music purchase 
function of the system of Fig. 2; 
45 Rg. 6 Is a flow chart of the music printing function of 
the system of Rg. 2; 

Rg. 7 Is a flow chart of the music viewing function of 
the system of Rg. 2; 

Rg, 8 is a schematic diagram of the encryp- 
50 tion/decryption components of the system of Rg. 2; 
and 

Rg. 9 is a flow chart of the encryption/decryption 
function of the system of Fig. 2. 

55 Detailed Description of the Invention 

The distribution monitoring system of the present 
invention is useful in a variety of applications where it is 
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desired to monitor the distrbution of proprietary subject 
matter over a public network- In the following descrip- 
tion, the invention is set forth in the context of monitoring 
distribution of digital musical scores over a network. It 
will be appreciated that this particular application is set 
forth for the purpose of illustrating the invention, and 
various aspects of the invention have broader applica- 
tion as defined by the claims below. 

Fig. 1 illustrates an encryption secured computer 
system 10 according to the present invention. The com- 
puter system 10 includes a server 12 that can commu- 
nicate with clients 14-20 across a public network 21 

^ such as the Internet. In the case of the Internet the 
server 12 can be accessed via the Netscape 2.01 or 
Microsoft Internet Explorer 3.0. or higher browsers. The 
server 12 generally includes a processor 22 and a 
library or datat>ase of digital musical scores stored in a 
memory 24 as files 26-32. As discussed in detail below, 
the server 12 is operative for receiving access requests 
from clients 14-20. assigning decryption keys or pass- 
words and transmitting an accessing program and 
selected scores to the clients 14-20 over network 21 . A 
number of other functions relating to receiving payment, 
indexing and storing encoded decryption passwords 
and the like are also performed by server 12. 

For present purposes, the clients 14-20 may be 
considered as being functionally equivalent. Details of 
only one of the clients 1 4 are shown in Fig. 1 . Generally, 
the client 14 includes a central processing unit (CPU) 
34. an internal cache 36 and/or external cache 38, 
memory 40 and input/output (I/O) hardware 42. all inter- 
connected via data bus 44. The CPU. which may 
include any suitable nnicroprocessor. is operative for 

*. downloading and running tiie accessing program, 
accessing memory 40 and caches 36 and 38. and com- 
municating with I/O hardware 42. In the illustrated 
embodiment, the CPU 34 also includes a built-in. inter- 
nal cache for storing the decryption key used to decrypt 
downloaded nmsical scores. Generally, cache 36 is an 
area of extremely fast Random /Access Memory (RAM) 
for storing frequently used or time aitical data so as to 
allow for faster operation. The cache 36 can be 
accessed more rapidly than memory 40. Alternatively, 
the decrypting key can be stored in an external cache 
38. which may comprise a RAM chip located on the 
computer motherboard. Memory 40. which is separate 
from caches 36 and 38, may include computer memory 
as well as the storage of floppy disks, CD-ROM drives 
and hard drives. The I/O hardware 42 can include a 
numl>er of types of devices including a mouse, key- 
board or other user input device; a viewing monitor; a 
printer; or a MIDI device. 

Rg. 2 provides a functional overview of a music dis- 
tribution monitoring system 46 used in connection wrth 
the computer system 10 of Fig. 1. As shown in Fig. 2. 
the monitoring system 46 can be broken down into a 
number of furKrtions that are executed by logic on the 
server and/or a dient. The functions of the illustrated 



system 10 include: downloading (48) a music accessing 
program, in this case designated the **Music Viewer." for 
use by a client in accessing music files stored on the 
server; dovmloading (50) a selected musical score from 

5 the server; purchasing (52) music on-line (and thereby 
obtaining an access license and encoded decryption 
key); printing (54) and/or viewing (56) the music arxJ 
music encryption/decryption. It will be appreciated that 
the music may also be reproduced from digital informa- 

10 tion using a MIDI device or the like. Each of these func- 
tions is discussed in turn below. 

Fig. 3 illustrates the Music Viewer download func- 
tion of one inrplementation of the present invemion. 
After communication between the server and client has 

15 been established through the network, the client initi- 
ates the download function by requesting (58) the 
server to download the program. This request can be 
entered by following appropriate prompts from the 
server site. The server receives (60) the download 

20 request and sends (62) tiie Viewer software package to 
the client. Upon receiving (64) tiie software package, 
the client runs the setup code to install the Music Viewer 
software. In order to access musical scores stored in 
the server library in the illustrated system, the client 

25 assigned a unique Viewer identification code. Accord- 
ingly, the client is prompted to request (66) a Viewer ID 
as part of the download procedure. In response to the 
ID request, the server generates (68) a Viewer ID and 
logs the ID in a Viewer database. The server then sends 

30 (70) the newly generated Viewer ID to the client and 
logs the transmission time and date, the Internet Proto- 
col (IP) address (or similar information for other net- 
works) of the client, and the client's machine name or 
type ( as entered by the client user or determined from 

35 a ti-ansmission header or the like). The client then 
receives (72) tiie assigned Viewer ID and a successful 
installation is thus completed. 

The system of the illusti-ated embodiment allows 
the client user to browse through the music library and 

40 view a selected portion, e.g., the first page, of musical 
scores prior to consummating a transaction by purchas- 
ing a music copy or paying a license fee. Fig. 4 illus- 
trates the associated pre-purchase music download 
function. The function is initiated when the client selects 

45 a score to sample and requests (74) the music from the 
server. In this regard, the score may be selected from a 
list of tities by scrolling tiirough the libwary and clicking 
on a selected titie, by using a search function to call a 
titie, or by any other appropriate means. The Viewer ID 

50 is also sent to the server at this time. Upon receiving the 
request, the server finds (76) the requested musical 
score, compresses and encrypts (or partially encrypts) 
the score as will be described below, and stores the 
encrypted score in the download area. In addition, the 

55 server assigns and logs a decryption key that is unique 
to the client and also logs an identification code for the 
score, the download IP, and the Viewer ID for the trans- 
mission. For example, the key can be a password com- 
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posed of two 32 bit numbers wtiere one of tfie numbers 
is an index to identify ttie client in a client datal^ase and 
the other number is random, or encoded with additional 
information as desired. By indexing the key or password 
to the client database in this manner, the password can 5 
be used to identify the client, look up license or account 
information and otherwise monitor distribution on a cli- 
ent-specific and transaction-specific basis. 

The server then sends (78) the client the Uniform 
Resource Locator (URL) address of the newly 10 
encrypted music. Upon receiving (80) the URL. the cli- 
ent can request (82) a download of the file or files con- 
taining the encrypted music. The server then finds (84) 
the enaypted music in the download area, queues up 
the music, and downloads (86) the music to the dient. is 
The dient lecetves (88) the encrypted music and stores 
the music m memory, e.g., computer memory, hard 
drive storage etc At this point in the illustrated imple- 
mentation. I e . piior to purchase, only the first page of 
the score is not eoaypted. Accordingly, the client user 20 
can play and (90) tne first page of the music to ver- 
ify that the downloaded score is the score desired by the 
user and to othecwtse evaluate purchasing options. 

After thus browsing through the music library and 
sampling one Of more scores, the client user may 25 
decide to make an on-line music purchase, e.g., to pur- 
chase a copy of the mjsic in sheet music form, or to pay 
a license fee to pnnt copies, view the music in its 
entirety, play back the music on the client's I/O hard- 
ware, or otherwise use the music. Such a license may so 
be for single use nruttiple use. unlimited use during a 
license term, etc Fig 5 illustrates the on-line purchase 
function. The function is initiated by the client by send- 
ing (92) payment information (for example, a credit card 
account number and expiration date, or the number of a 35 
previously established, pre-paid or unpre-paid account 
« with the server institution), the score ID, the download 
IR Viewer ID and/or any other information to the server. 
Some or ail of this information may have already been 
transmitted to the server in connection with browsing 40 
the music library and would not necessarily have to be 
retransmitted. The exchange of personal and financial 
information can be encrypted using standard public key 
encryption as provided, for example, in the Secure 
Sockets layer of the browser. 4S 

Upon receiving (94) this information, the server 
downloads the score and Viewer ID, and contacts the 
client user's financial institution or a credit card approval 
service, looks up balance information, or otherwise 
obtains authorization for the transaction. Based on the so 
results of this authorization inquiry, the server sends 
back (96) to the client either a bad payment message 
(e g. "payment declined ), or the server sends a decryp- 
tion password and logs the password and other transac- 
tion information in its database. By operation of the ss 
Music Viewer software, the client then receives (98) the 
password and stores the password in a password data- 
base separate from the downloaded music. It will thus 



be difficult for a client user to irrproperly redistribute 
hiustc because the user will generally not be aware that 
a decryption password has been stored in its system, 
nor will the user know how to access the password. In 
operation, the Music Viewer software monitors dient 
messages until it receives (100) an "openfile'* message 
indicating that the user desires to print, playback or oth- 
erv^se use the music. At this time, the Music Viewer 
locates (102) the password, which may be stored in a 
dient cache for speed of operation. The Music Viewer 
can also retrieve license information relevant to the di- 
ent's access request and, in appropriate cases, incre- 
ment the clierrt use count under the license as 
discussed below. If the client has remaining uses under 
a license, the Music Viewer decrypts the score in mem- 
ory. It will be noted that the music is never saved in 
decrypted form, but is only decrypted just-in-time for a 
requested use. thereby discouraging improper redistri- 
bution. 

Rg. 6 illustrates a music printing function according 
to the invention. As previously noted, after downloading 
music and a password, the Music Viewer monitors dient 
messages to identify access requests. When a print 
command is received (104). the Music Viewer consults 
its client database to determine (1 06) whether there are 
any remaining printouts allowed under the license previ- 
ously purchased by the client user. In this regard, the di- 
ent user may have payed a single use or multi-use 
license fee. If the license has been exhausted, the client 
is notified (108) accordingly, and information may be 
provided concerning options for paying a further license 
fee. Otherwise, the Music Viewer encodes (1 1 0) various 
information regarding the transaction in the user data- 
t>ase, e.g., Viewer ID. score ID, download ID, date, time 
and number of licensed printouts used. This information 
can be encoded, for example, in a base 72 nunnber 
string in an appropriate format, and then printed (112) 
on the copy (e.g., next to the copyright notice). Similarly, 
this same identification information can be written into a 
comment statement of a MIDI file to tag MIDI extrac- 
tions. This information allows for proper incrementing of 
a multi-use license and also allows for subsequent 
tracking of any improper redistribution of the printed 
copy. In this regard, if a printed copy of the score or MIDI 
file is found, the associated transaction and client can 
be readily decoded. 

Instead of. or in addition to printing the music, the 
on-line user may desire to view the music on a monitor. 
For example, the music may be viewed in conjunction 
with playing back the music for enhanced enjoyment, or 
the music may be displayed to facilitate selection of 
playback options involving tempo, instrumentation and 
the like. Fig. 7 illustrates the associated music viewing 
function. Upon receiving (114) a display command, the 
Music Viewer opens (116) the requested music file and 
determines (118) whether the file is encrypted. If the 
music is not encrypted, e.g.. because it has been 
decrypted in a previous step or is public domain music. 
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the music can be directly displayed (124). However, in 
the case where the music is encrypted with the excep- 
tion of the first page for sampling, the Music Viewer pro- 
ceeds to display (1 20) the first page and disable printing 
or MIDI extraction. If the client user then attempts to dis- 
play the remainder of the music, the Music Viewer first 
determines (122) whether a valid and unexpired pass- 
word has been assigned to the user. If so. the music is 
decrypted and displayed (124). Othenwise. an error 
message is displayed ( 1 26) . 

Ftgs. 8 and 9 illustrate one implementation of the 
encryption/decryption function of the music distribution 
monitoring system. It will be appreciated that any suita- 
ble technique, including using a public key encryp- 
tion/decryption algorithm, can be employed as the base 
level encryption/decryption technology In accordance 
with the present invention, in addition, the base level 
encryption/decryption technology can be implemented 
in hardware and/or software logic. The following 
description illustrates one exemplary implementation. 
Referring first to Fig. 8. the encryption/decryption com- 
ponents are schematically shown. On the server side, 
the encryption/decryption subsystem 126 includes com- 
pression logic 128, random number generator 130 and 
exclusive OR (XOR) gate 132. The conpression, which 
can be a conventional data compression software pro- 
gram or a data conpression hardware package, 
receives the raw digital musical score and conrrpresses 
the score for transmission. It will be appreciated that this 
compression, in addition to improving transmission 
speed, enhances subsequent encryption as the com- 
pressed and encrypted data will be especially difficult 
for an intercepting party to decipher. The random 

• number generator 130 can include one or more conven- 
tional random number generating programs. In this 
regard, two such programs can be employed to handle 

-.1 the two 32 bit words of \he decryption password. The 
random number generator 130 implements an algorithm 
for generating a determined series of values starting 
from an initial seed. In the illustrated emlDodiment. the 
assigned password is provided to the generator 130 as 
a seed. The generator 130 also receives an input from 
the compressed data stream line that triggers the gen- 
erator 130 such that the generator 130 outputs a bit 
stream equal in length to and coordinated with the com- 
pressed data stream. The generator output and com- 
pressed data stream are used as the two inputs into the 
XOR gate 132 which performs its characteristic disjunc- 
tive connparator function. The output from XOR gate 
132 is transmitted over the network to the client. 

On the client side, the subsystem 126 includes a cli- 
ent-side random number generator 134 and client-side 
XOR gate 136. each identical to its server-side counter- 
part. The subsystem 126 further includes decompres- 
sion logic 138 that is the logical complement of 
compression logic 128. The random number generator 
134 uses the password as a seed, and generates a bit 
stream of length determined by an input from the 



encrypted data stream. It will thus be appreciated that 
the output bit stream from generator 1 34 will be identical 
to that of generator 132. this output, and tiie encrypted 
data stream, serve as the two inputs into XOR gate 1 36. 

5 The successive operation of the XOR gates 132 and 
136 yield an output from XOR gate 136 that is identical 
to the output from conpression logic 128, i.e.. a com- 
pressed digital music score. This conpressed score is 
deconpressed by deconpression logic 138 to yield the 

to digital score in unconpressed, decrypted form. It 
should be noted that the musical score is decrypted as 
part of the music output process, not prior to saving the 
score. Additionally tiie encryption/decryption process 
can be successively performed on page-sized chunks in 

15 the case of printing, or on appropriately-sized portions 
of an audio output (e.g.. two seconds of the score), in 
order to allow for display/play-back on an as-ready 
basis. 

The encryption/decryption process is summarized 

20 in the flow chart of Fig. 9. The process is initiated, on the 
server side, by receiving (140), or calling from memory, 
a digital representation of the musical score. The digital 
representation is then, in sequence, compressed (142). 
encrypted (144) and transmitted (146) across the net- 

25 work to the client. On the client side, the signal is first 
decrypted (148) to obtain a compressed digital repre- 
sentation, and then decorrpressed (ISO) to obtain the 
digital score. The score can then be output (152) as 
desired by the client user. 

30 The following prophetic example illustrates the 
overall operation of the music distrilxition monitoring 
system of the present invention. A client accesses the 
music distribution server at its World Wide Web site 
using, for exanple, the Microsoft Internet Explorer 3.0 

35 browser. From the server home page, tiie user first 
selects the option for downloading the Music Viewer 
program. After selecting this option, the user follows the 
pronpts or instructions to install the software and, in the 
process, enters various requested identification data. 

40 The user may then return to the home page and select 
the music library option to browse the available selec- 
tions. The user can then scroll through the availat>le 
selections to identify a score of interest, for example. 
"Mozart's Sonata Number 1." In order to verify that this 

45 is the piece that the user has in mind, the user may 
download the score for sampling. The Music Viewer 
software stores the partially encrypted digital score and 
will allow the first page of the score (which is transmitted 
in unencrypted form) to be displayed on the client mon- 

50 itor and played back. 

After one or more scores , are thus sarrpled, the 
user may decide that he desires to print, view or other- 
wise use a digital score and that he therefore desires to 
purchase a copy of or pay a license fee for the score. 

55 The user can then select a purchase function and a 
menu of purchase options will be provided, e.g.. single 
print license multi-print license, unlimited viewing 
license for a given license term, etc. The user selects 
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the desired option, responds to a series of prompts con- 
cerning identification information and payment informa- 
tion, e.g., by entering a credit card number and personal 
information. If payment is approved, the user will be 
assigned a decryption F>assword that is indexed to the 
client's identifying Information in a client database held 
by the server. By way of example, the client may pay a 
license lee for ten printouts. In the same or subsequent 
sessions, the client can request a printout under the 
license. The system will keep track of the number of 
printouts used and allow printing only so long as the 
license is unexhausted. Whenever the user prints out a 
copy of the score, an encoded string of characters is 
printed next to the copyright notice. 

An unscrupulous user may attempt to redistribute 
the music with disregard for the server/copyright 
holder's rights. Having the downloaded music file on his 
system, the user may attempt to redistribute the nrtusic 
electronically. However, having thus attempted to 
wrongfully redistribute the music, the user will discover 
that the redistributed information cannot be used 
because it is encrypted. Such a user may attempt to 
break the encryption code and may even ultimately sur- 
mise that a key has been stored in the client's memory 
somewhere separate from the music file. In the unlikely 
event that the user should succeed in redistributing the 
music together with the password In useable form, the 
infringing user will have unwittingly left a record of his 
infringing activity in the form of the personal information 
that can be derived from the client/transaction encoded 
password. Similarly, redistribution of printed copies or 
MIDI files will provide a record due to the coded charac- 
ter string included with the copyright notice or in com- 
• ment statements. In any event, the coded information 
facilitates enforcement and thus discourages infringe- 
ment. 

While various embodiments and applications of the 
present invention have been described in detail, it is 
apparent that further modifications and adaptations of 
the invention will occur to those skilled in the art. How- 
ever, it is to be expressly understood that such modifica- 
tions and adaptations are within the spirit and scope of 
the present invention. 

Claims 

1. A method for use in monitoring distribution of infor- 
mation accessible through a public network said 
Information included in a database at a server of 
said public network, comprising the steps of: 

encrypting at least a first portion of said infor- 
mation using a key-based encryption system, 
said key-based encryption system requiring 
entry of a key to decrypt said encrypted infor- 
mation; 

in connection with a request by a network cli- 
ent, assigning a first client-specific key to said 



client for decrypting said encrypted informa- 
tion, said first client-specific key including at 
least a first identifier useful for Identifying said 
client; and 

5 transmitting said first client-specific key to said 

client, wherein said key can be used to monitor 
distribution of said information on a client-spe- 
cific basis. 

10 2. A method as set forth in claim 1 wherein said infor- 
mation comprises a digital musical score and said 
step of encrypting at least a portion of said informa- 
tion comprises retaining a second portion of sakJ 
digital musical score in an unencrypted form so as 

75 to allow for sampling of said digital mimical score 
prior to decryption. 

3. A method as set forth in claim 1 wherein said step 
of assigning said first dient-specKic key comprises 

20 acquiring klentrfication information regarding said 
client and encoding said identifier with respect to 
said acquired kjentif ication information. 

4. A method as set forth In claim 3 wherein said iden- 
25 tifier comprises a password that is indexed to a cli- 
ent datat>ase including said identification 
information. 

5. A method as set forth in claim 3 wherein said Iden- 
30 tifier includes information for identifying client 

equipment. 

6. A method as set forth in claim 3 wherein said Iden- 
tifier includes Information for identifying a client 

35 user. 

7. A method as set forth in dalm 1 , further comprising 
the step of transmitting said encrypted information 
to said client prior to said step of transmitting said 

40 first client-specific key. 

8. A method as set forth in dalm 1 , further comprising 
the step of transmitting accessing software to a cli- 
ent, said accessing software being operative for 

45 allowing said client to access said Information in 
said database. 

9. A method as set forth in daim 8. further comprising 
the step of employing said accessing software to 

so print a copy of said information. 

10. A method as set forth in claim 8 wherein said infor- 
mation comprises a digital representation of a musi- 
cal score, and said metiiod further conprises the 

55 step of employing said accessing software to play 
back said musical score. 

11. A method as set forth in claim 8, farther comprising 
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the step of displaying said Information. 

12. A method as set forth in claim 1 wherein said step 
of assigning said first client-specific key is con- 
ducted in response to receiving said request by 
said client. 

13. A method as set forth in claim 1 . further comprising 
the steps of storing said information in a first area of 
memory and storing said first key in a secorxl area 
of memory separate from said first area, wherein 
said information and said first key can be separately 
accessed. 

14. A method as set forth in claim 1, further comprising 
the steps of storing said information in a client 
memory in encrypted form, receiving a request to 
output said irrformation, and decrypting said 
encrypted information in response to said output 
request. 



19. A computer system as set forth in claim 18. further 
comprising a second area of memory for storing 
said identification information, wherein said identifi- 
cation information is indexed to said decryption key. 

5 

20. A system as set forth in claim 1 8 or 1 9 wherein said 
controller Is further operative for receiving payment 
information from a client, wherein said decryption 
key is assigned in response to receiving said pay- 

10 ment information. 

21 . A system as set forth in daim 18. 19. or 20 wherein 
said protected infomriatton comprises a digital musi- 
cal score and said encryption logic is operative for 

15 partially erx:rypting said score. 

22. A system as set forth in claim 18, 19, 20, or 21 
wherein the source is said network client. 

20 



1 5. A method as set forth in claim 1 . further comprising 
the steps of receiving an access request from a 
second network client requesting access to said 
information and assigning a second client-specific 25 
key different from said first client-specific key to 
said second client for decrypting said encrypted 
information. 



1 6. A method as set forth in claim 1 , further comprising 30 
the step of using said first client-specific key to track 
subsequent redistribution of said information. 



17. A method as set forth in claim 1. further comprising 
the steps of outputting an output copy of said infor- 35 
matlon and embedding identification information in 
said output copy, wherein said identification infor- 
mation facilitates tracking of redistribution of said 
information. 

40 

18. A computer system for use in monitoring distribu- 
tion of protected information accessible through a 
public network, comprising: 



a first area of memory tor storing a database 45 
including said protected information; 
a controller operative for receiving an access 
request from a network client requesting 
access to said protected information, obtaining 
identification information useful for identifying a so 
source, and assigning a decryption key using 
said identification information; and 
encryption logic for encrypting said protected 
information based on said decryption key 
wherein said decryption key is useful for 55 
deaypting said encrypted prot cted informa- 
tion. 
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